module: remove require('.') with NODE_PATH compat

[silverwind]

This PR replaces #1452. It's updated and targets master now. Adding 6.0.0 milestone as discussed.

[silverwind]

CI: https://ci.nodejs.org/job/node-test-pull-request/514/

[silverwind]

Going to postpone this removal once more. This incompatibilty and the subsequent hack were added during io.js. the exposure time of this deprecation message would be quite short for users of 4.x. Likely target is 7.0.0.

[jasnell]

@silverwind ... is this still something you want to pursue?

[silverwind]

Yes, I'm just waiting for the v6 release so I can land this on master.

[benjamingr]

Mind elaborating on this change? Also, can we get a citgm run?

[silverwind]

Rebased.

@benjamingr:

When we introduced require('.') it had broken a undocumented use case (#1356) where NODE_PATH was set to a module's directory (as opposed to the recommended way of setting it to a directory containing module directories).

I introduced a 'hack' to restore the functionality with a deprecation message in place (#1363), which is now removed again. When this goes into the 7.0.0 release, the deprecation will have been in place for 1.5 years.

[silverwind]

CI: https://ci.nodejs.org/job/node-test-pull-request/2465/

[ChALkeR]

Perhaps we should review the stability levels in the documentation first?
Filed #6528 for that.

[silverwind]

Test is broken. Looks like something in ae18bbe made my "maintain backwards compat" section neccessary to resolve '.' correctly, investigating.

[silverwind]

Condition fixed, new CI: https://ci.nodejs.org/job/node-test-pull-request/2468/

[silverwind]

CI is green except an unrelated java failure. I don't think a CITGM would bring any more insights here because modules usually don't set NODE_PATH.

[silverwind]

@thealphanerd can you run this through a CITGM, just to be sure?

[MylesBorins]

citgm: https://ci.nodejs.org/view/Node.js-citgm/job/thealphanerd-smoker/273/

[ChALkeR]

Note that this change currently directly contradicts with the documentation, which says that only security, performance, or bug fixes will be accepted for module.

Either the documentation should be fixed first, or this change rejected.

[silverwind]

@mscdex does this change look right to you? The condition was start !== '.' && start !== './' && start !== '..' before you refactored it to use charCodeAt. Tests are passing, but I'd like to get a second look on that one.

[mscdex]

You'll want to add appropriate request length checking before using charCodeAt(n) to make sure you don't cause a deopt due to an out-of-bounds access.

[silverwind]

While #6528 is still in limbo, I'd like to get this hack removed rather sooner than later.

@nodejs/collaborators any concerns regarding the changes? (See #3384 (comment) for a summary)

[mscdex]

Instead of removing this test should we merely assert the opposite?

[silverwind]

Good idea!

[silverwind]

Totally forgot about this one. I'll move it to the next milestone.

[BridgeAR]

+1 for option 2

[silverwind]

I don't assume that a CITGM will catch anything here. The compat is just for users that set NODE_PATH manually, which I assume no sane module would do by itself. Oh, and those users now have been seeing the deprecation for almost 2.5 years. I'll start a CI run now.

[silverwind]

CI: https://ci.nodejs.org/job/node-test-pull-request/9878/

(For real now, couldn't start the last time because the CI was down)

[jasnell]

@nodejs/ctc ... please take a look at this and weigh in.

@BridgeAR (I totally meant to mention @silverwind rather than @BridgeAR here) ... this would also need to update the documentation in docs/api/deprecations.md to mark that the deprecation is at the End-of-Life stage.

[silverwind]

@jasnell done.

I'll land this tomorrow if there are no objections.

[jdalton]

🎉 which Node version is this expected to land in?

[jasnell]

It's a major so it would land in 9.0.0

[silverwind]

Finally landed in a517466. It's been a long ride.

[MylesBorins]

@nodejs/tsc it appears that this landed without running citgm and it is breaking a fairly insignificant portion of our ecosystem.

It breaks a common use case of the module d specifically:

require('d/lazy')

A revert is incoming. If we had caught this earlier we may have been able to come up with a fix but with d receiving over 500k downloads a day I don't see how we can ship this tomorrow

[MylesBorins]

Some more details after a bit more research

this commit specifically broke the case of requiring individual files in modules that only have a single character as a name. This will thankfully be limited to 26 cases!

The specific line that broke things is a517466#diff-d1234a869b3d648ebfcdce5a76747d71L338

In light of this specific edge case we may want to re-examine the deprecation all together